Location: Mumbai

Experience: 2 Years

Company overview:

Established in 2018, CyberNX Technologies is an innovative cybersecurity firm based in Mumbai, India. Our dynamic team, blending seasoned expertise with a modern, cloud-centric mindset, offers a full range of cybersecurity and cloud services. We are dedicated to facilitating secure digital transformation, working hand-in-hand with clients to embed information security into the foundation of their organizations. Our mission is to deliver cutting-edge cybersecurity solutions and services at competitive prices, ensuring our clients are well-protected against emerging threats.

Role overview:

We are seeking a proactive and detail-oriented professional to lead and enhance our customer's cybersecurity, compliance, and resilience initiatives. These candidates will play a pivotal role in implementing ISO27001:2022, conducting internal audits, ensuring compliance with regulatory mandates such as CERT-IN Guidelines, RBI and SEBI guidelines, and driving the customer organisation’s cyber resilience strategy.

Key Responsibilities:

1. ISO27001 Implementation and Management

•        Develop and implement an Information Security Management System (ISMS) as per ISO27001:2022 standards.

•        Conduct regular gap assessments, risk mapping and evaluations, and maintain ISMS

•        documentation.

•        Drive the ISO27001 certification process and manage ongoing compliance.

2. Internal Audits and Risk Assessments

•        Plan, execute, and document internal security audits to ensure adherence to organisational policies and regulatory standards.

•        Identify gaps, recommend corrective actions, and monitor their implementation.

•        Conduct periodic risk assessments to mitigate emerging threats.

3. Regulatory Compliance

•        Ensure full compliance with RBI and SEBI cybersecurity guidelines, including IT governance, resilience, and data protection requirements.

•        Stay updated on regulatory changes and advise the organization on necessary adjustments.

•        Oversee the preparation and submission of compliance reports to regulatory bodies.

4. Cybersecurity and Resilience

•        Develop and implement strategies to enhance the organization's cybersecurity posture and operational resilience.

•        Monitor and enforce security controls such as access management, data encryption, and incident response readiness.

•        Collaborate with IT teams to ensure secure infrastructure and application development practices.

5. Policy Development and Awareness

•        Draft and update cybersecurity and IT compliance policies to align with ISO27001, RBI, SEBI, and other standards.

•        Conduct training and awareness programs for employees to foster a security-first culture.

6. Incident Management

•        Lead the development and testing of incident response plans, ensuring quick and effective handling of security events.

•        Provide insights and corrective measures post-incident, enhancing future resilience.

7. Vendor and Third-Party Risk Management

•        Evaluate third-party vendors and service providers for compliance with security and regulatory standards.

•        Develop frameworks for monitoring vendor performance and adherence to contracts.

8. Continuous Improvement

•        Identify opportunities for improving IT governance, data protection, and compliance

•        frameworks.

•        Leverage technology and automation to streamline security and compliance processes.

Requirements:

• Strong understanding of RBI, SEBI, and other Indian regulatory frameworks.

• Expertise in internal audits and risk management.

• Excellent communication and presentation skills, stakeholder management, and problem-solving skills.

• Familiarity with tools and frameworks related to vulnerability management, SIEM, and compliance monitoring.